Software-defined Networking (SDN) provides increased flexibility and cost savings by separating the data plane from the control plane. Despite these benefits, this separation also results in a greater attack surface as new devices and protocols are deployed. OpenFlow is one of these protocols and enables the communication between the switch and the controller. Ideally, this connection takes place over an encrypted TLS channel, but as this feature is marked optional, it is not supported by all devices. This allows an attacker to eavesdrop on and alter the communication, resulting in a compromised network. In this
work, we demonstrate a new approach for authentication based on device fingerprinting to enhance security in scenarios
where cryptographic mechanisms are unavailable.
%0 Generic
%1 info3-demo-2017-2
%A Gray, Nicholas
%A Zinner, Thomas
%A Tran-Gia, Phuoc
%B 15th IFIP/IEEE International Symposium on Integrated Network Management (IM), Lisbon, Portugal, May 2017
%D 2017
%K myown sardine ngn
%T Enhancing SDN Security by Device Fingerprinting
%X Software-defined Networking (SDN) provides increased flexibility and cost savings by separating the data plane from the control plane. Despite these benefits, this separation also results in a greater attack surface as new devices and protocols are deployed. OpenFlow is one of these protocols and enables the communication between the switch and the controller. Ideally, this connection takes place over an encrypted TLS channel, but as this feature is marked optional, it is not supported by all devices. This allows an attacker to eavesdrop on and alter the communication, resulting in a compromised network. In this
work, we demonstrate a new approach for authentication based on device fingerprinting to enhance security in scenarios
where cryptographic mechanisms are unavailable.
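@comment{Conference contribution on authenticating OpenFlow devices by
  fingerprinting where TLS is not available. Typed as @inproceedings so that
  standard styles render the booktitle field, which @misc ignores. The fields
  added-at, biburl, interhash, intrahash and timestamp are bookkeeping from the
  bibliography service named in biburl and are ignored by standard styles.}
@inproceedings{info3-demo-2017-2,
  abstract  = {Software-defined Networking (SDN) provides increased flexibility and cost savings by separating the data plane from the control plane. Despite these benefits, this separation also results in a greater attack surface as new devices and protocols are deployed. OpenFlow is one of these protocols and enables the communication between the switch and the controller. Ideally, this connection takes place over an encrypted TLS channel, but as this feature is marked optional, it is not supported by all devices. This allows an attacker to eavesdrop on and alter the communication, resulting in a compromised network. In this
work, we demonstrate a new approach for authentication based on device fingerprinting to enhance security in scenarios
where cryptographic mechanisms are unavailable.},
  added-at  = {2017-05-26T11:50:00.000+0200},
  author    = {Gray, Nicholas and Zinner, Thomas and Tran-Gia, Phuoc},
  biburl    = {https://www.bibsonomy.org/bibtex/28e718e6e9ce76f01ceefd7714cceeb86/uniwue_info3},
  booktitle = {15th {IFIP/IEEE} International Symposium on Integrated Network Management ({IM}), Lisbon, Portugal, May 2017},
  interhash = {d488673977be898c9fcf8b8eeccbb79f},
  intrahash = {8e718e6e9ce76f01ceefd7714cceeb86},
  keywords  = {myown sardine ngn},
  month     = may,
  timestamp = {2022-03-14T00:14:22.000+0100},
  title     = {Enhancing {SDN} Security by Device Fingerprinting},
  year      = 2017
}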